[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 279
  • Last Modified:

Cannot access web sites from 2003 with ISA

My server stopped accessing the internet 2 days ago. Its running 2003 with ISA and Symantec Coprorate edition.
I can ping remote IP addresses. I can connect into the server through VPN and Remote Desktop. A router connected separatly into a Sprint modem has is working fine with 12 w/s connetec directly into it. The rest of the computers in the network connect via the server.

The actual message displayed is" The website cannot be found"
<The website you are looking for is unavailable due to its identification configuration settings>

This looks like a tranlation problem but I have no clue where to configure this.

SOS
0
cvmanzira
Asked:
cvmanzira
  • 11
  • 8
  • 2
  • +2
1 Solution
 
TheTullCommented:
Have you verified that it is attempting to connect to the web sites properly, using the correct ports?

Check this out:

http://support.microsoft.com/default.aspx?scid=kb;en-us;Q248034&sd=tech 
0
 
cvmanziraAuthor Commented:
here are my settings:

I have two network adapters : internet side=192.168.21.5
Lan side= 192.168.20.1  DNS=192.168.20.1, WINS=192.168.20.1

default web site                    running 192.168.20.1   port= 80      ssl port 443
microsoft sharepoint admin    running  192.168.20.1   port=2362
Sharepoint Central admin     running  192.168.20.1   port= 8081    
companyweb                       running  192.168.20.1   port= 80       ssl  444
 Symantec mail security       running    192.168.20.1   port= 8082  
0
 
cvmanziraAuthor Commented:
I have stopped the ISA service, all exchange services and windows 2003 firewall and still cannot access the internet
0
Automating Your MSP Business

The road to profitability.
Delivering superior services is key to ensuring customer satisfaction and the consequent long-term relationships that enable MSPs to lock in predictable, recurring revenue. What's the best way to deliver superior service? One word: automation.

 
Sam PanwarSr. Server AdministratorCommented:
Hi,

That kind of tells me that the host headers on the webserver for each site are not configured properly. ISA is trying to connect to the site by the host header name. That name is used to differentiate each site on the machine. If not configured properly, it seems that you'll get the results that you are experiencing.

And also go to the IIS> website > right click > properties > there you see the host header

Are the host headers configured properly? Are one of the sites on the machine using SSL?

Here's some info on hostheaders:

Using Host Headers to Allow for One I.P Address to Host Multiple Domains:
http://www.4guysfromrolla.com/ASPscripts/PrintPage.asp?REF=/webtech/0...

HOW TO- Use Host Header Names to Host Multiple Sites from One IP
Address in IIS 5.0:
http://support.microsoft.com/default.aspx?scid=kb;en-us;190008

 HOW TO Configure DNS Records for Your Web Site in Windows 2000:
http://support.microsoft.com/?id=315982

IIS Answers - How to create multiple websites with one IP address:
http://www.iisanswers.com/Top10FAQ/t10-hostheaders.htm

 Error Message- No Web Site Is Configured At This Address When UsingHost Headers:
http://support.microsoft.com/default.aspx?scid=kb;en-us;300238

 How to use SSL and MCMS 2001 on a Web site that has host headers enabled:
http://support.microsoft.com/default.aspx?scid=kb;en-us;321650

187504 - HTTP 1.1 Host Headers Are Not Supported When You Use SSL:
http://support.microsoft.com/default.aspx?scid=kb;en-us;187504 

Other Problem may be
this seems to be a problem with name resolution also . Did you check your DNS configuration?

Go to start > administrator tool> DNS
see the forword zone of your site .
You have to all record of that website like A,NS ,www record in this zone .
0
 
Leon FesterCommented:
Stopping ISA server will disable all browsing via that machine.

Where does the website reside? On your server or external network?

Is it 1 specific site or all sites.
0
 
mattacukCommented:
Can you ping any web url's with there DNS name?
0
 
cvmanziraAuthor Commented:
"Stopping ISA server will disable all browsing via that machine.

Where does the website reside? On your server or external network?

Is it 1 specific site or all sites."

I cannot access any website at all, before whatever occured, all websites where accesible and exchange was sending and recieving emails.

"Can you ping any web url's with there DNS name?"

I cannot ping websites by their DNS names, I can ping their IPs
0
 
mattacukCommented:
thanks, could i please see the contents of the IPCONFIG/ALL command please? please feel free to edit things you might feel you dont ant people to see for security reasons.
0
 
mattacukCommented:
note, i personally feel  this is a DNS/Networking issue not an upper layer problem. You should be able to ping Internet names regardless of what is install be that ISA,  IIS etc.
0
 
TheTullCommented:
Yes, it definitely seems related to DNS, you can try putting just the IP address into the web browser and see if you get anything.  Although keep in mind that several websites need the HTTP header in order to load the correct page.

But definitely fix your DNS issues, or let us help you with them.
0
 
mattacukCommented:
If i can see the IPconfiguration of the NIC's inside your server, i may be able to help you with this issue.
0
 
cvmanziraAuthor Commented:
Ethernet adapter - Network connections -internet side

IP                       192.168.21.5
subnet                 255.255.255.0
default gateway   192.168.21.1
pri dns                192.168.20.1
sec dns               192.168.20.1
netbios over tcp   disabled

ethernet adapter- server local area connection

IP                       192.168.20.1
subnet                 255.255.255.0
default gateway  
pri dns                192.168.20.1
sec dns               192.168.20.1
0
 
mattacukCommented:
Ok thanks. can you ping Internet DNS names from the DNS server on your internet LAN ?
0
 
mattacukCommented:
note; I notice on you lan nic you specify 192.168.20.1 for your dns server - are you running DNS on the same sever as your having problems with?

thanks
0
 
cvmanziraAuthor Commented:
I cannot ping dns names

--Yes , i am running dns on the same server.

 
0
 
mattacukCommented:
Ok thanks. Assumeing the DNS service is started and running? have you set fowarding on this server? and are you allowing DNS traffic through your firewall solution?

thanks
0
 
cvmanziraAuthor Commented:
nslookup returns an error

"DNS request timed out
timeout was 2 secs
request to localhost timed out"
0
 
mattacukCommented:
What are you useing for a firewall/router solution ?
0
 
cvmanziraAuthor Commented:
Microsoft Firewall is enabled
I am also using ISA firewall
0
 
mattacukCommented:
i feel something must be blocking the DNS port (53) somewhere. Make sure your router is letting this  pass. And any third party firewalls you think may be interfering.

thanks
0
 
mattacukCommented:
note; nslookup returns an error

"DNS request timed out
timeout was 2 secs
request to localhost timed out"

this would also imply DNS is being blocked, possibly by a firewall device.
0
 
cvmanziraAuthor Commented:
The DNS was corrupt, even a reinstallation could not repair it. Also the active Directory was damaged. I ended up just reinstalling the entire Windows 2003.

Thank you for your great help!!!!
0
 
mattacukCommented:
excellent, glad your up and running.
0

Featured Post

Microsoft Certification Exam 74-409

Veeam® is happy to provide the Microsoft community with a study guide prepared by MVP and MCT, Orin Thomas. This guide will take you through each of the exam objectives, helping you to prepare for and pass the examination.

  • 11
  • 8
  • 2
  • +2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now